Skip to main content

plone.app.portlets CVE-2026-55248

CRITICAL
2026-06-23
Share

Severity by source

vuln.today AI
7.7 HIGH

Network-reachable RSS fetch trigger; PR:L assumed as portlet URL configuration likely requires authenticated access; S:C reflects server-wide availability collapse from resource exhaustion.

3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Lifecycle Timeline

1
Analysis Generated
Jun 23, 2026 - 20:18 vuln.today

Description PRE-NVD

Disclosed via oss-security. NVD scoring and full description are pending.

AnalysisAI

Denial of service in Plone's RSS feed portlet component (plone.app.portlets) allows an attacker to exhaust server resources by supplying or triggering the parsing of a maliciously crafted RSS/Atom feed, rendering the Plone application unavailable. Disclosed June 23, 2026 as part of a coordinated Plone security release, the issue carries a critical severity rating of 9.1. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Control or redirect target RSS feed URL
Delivery
Serve maliciously crafted feed payload
Exploit
Plone server fetches feed on page load
Execution
XML parser enters pathological resource consumption
Persist
Worker process exhausted
Impact
Site availability lost

Vulnerability AssessmentAI

Exploitation The RSS feed portlet must be configured on a Plone site and pointed at a URL whose content the attacker can influence or control. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The reported severity of 9.1 critical is atypically high for a pure denial-of-service finding and warrants scrutiny before prioritization. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who controls or can redirect an external RSS feed URL fetched by a Plone site's RSS portlet serves a maliciously crafted feed document - for example, an XML payload designed to trigger deep recursion or explosive entity expansion. When any visitor loads a Plone page containing that portlet, the server fetches and attempts to parse the payload, consuming excessive CPU or memory until the Plone worker process is exhausted or killed, making the site unavailable. …
Remediation Apply the updated plone.app.portlets package released in conjunction with the June 23, 2026 coordinated security advisory. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Document all Plone instances in production, identify current versions, and disable untrusted RSS portlet sources where operationally feasible. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-55248 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy